A campaign involving 16 malicious Chrome extensions infected over 3.2 million users worldwide, exploiting browser vulnerabilities for advertising fraud and SEO manipulation. Discovered by GitLab Threat Intelligence, these extensions stripped security protections, injected harmful payloads, and hijacked user sessions. Despite removal from the Chrome Web Store, risks remain for users who haven’t uninstalled them. Regular audits and cautious permission granting are advised.

OAuth, guest accounts, and weak MFA drive SaaS risk
Organizations often create guest accounts to give contractors, suppliers, and partners temporary access to files and SaaS applications. Many of these accounts remain active long


